
Understanding ITIL

This article explores how ITIL can be used to ensure privacy and security in the protection of personal information, considering various laws and regulations such as PIPEDA, HIPAA, GLBA, and more.

adonis


Presentation Transcript


  1. Understanding ITIL

  2. The Legislation Minefield
     Privacy & Security
     • Personal Information Protection Electronic Document Act (PIPEDA)
     • US Patriot Act / Homeland Security (Critical Infrastructure)
     • Personal Health Information Protection Act (PHIPA)
     • Health Insurance Portability and Accountability Act (HIPAA)
     • SEC Rules 17a-3 & 17a-4 re: Securities Transaction Retention
     • Gramm-Leach Bliley Act (GLBA): privacy of financial information
     • Children’s Online Privacy Protection Act
     • Clinger-Cohen Act (US Gov.)
     • Federal Information Security Mgmt. Act (FISMA)
     • Freedom of Information & Protection of Privacy (FOIPOP) BC Gov
     • FDA Regulated IT Systems
     • Freedom Of Information Act
     • Americans with Disabilities Act, Sec. 508 (website accessibility)
     Finance
     • Sarbanes Oxley (US)
     • FFIEC US Banking Standards
     • Basel II (World Bank)
     • Turnbull Report (UK)
     • Canadian Bill 198 (MI 52-109 & 52-111)
     Other International IT Models
     • Corporate Governance for ICT DR 04198 (Australia)
     • Intragob Quality Effort (Mexico)
     • Medical Information System Development (Medis-DC) (Japan)
     • Authority for IT in the Public Administration (AIPA) (Italy)
     • Principles of accurate data processing supported accounting systems (GDPdu & GoBS) (Germany)
     • European Privacy Directive (Safe Harbor Framework)

  3. What Is ITIL? (Information Technology Infrastructure Library) • ITIL is a seven-book series that guides business users through the planning, delivery and management of quality IT services

  4. The ITIL Books (diagram positioned between The Business and The Technology) • Planning To Implement Service Management • Service Management: Service Support, Service Delivery • The Business Perspective • ICT Infrastructure Management • Security Management • Application Management

  5. ITIL Simplified (Business, Customers & Users)
     Service Support
     • Service Desk
     • Incident Management
     • Problem Management
     • Change Management
     • Release Management
     • Configuration Management
     Service Delivery
     • Service Level Management
     • Availability Management
     • Capacity Management
     • Financial Management
     • Service Continuity

  6. ITIL Service Support Model [Diagram: The Business, Customers or Users and Monitoring Tools send difficulties, queries, enquiries and incidents to the Service Desk, which returns communications, updates and work-arounds. Incident, Problem, Change, Release and Configuration Management each produce statistics, reviews and audit reports, and share the CMDB, which holds CIs, relationships, incidents, problems, known errors, changes and releases.]

  7. Service Desk • To provide a strategic central point of contact for customers and an operational single point of contact for managing incidents to resolution • In addition, the Service Desk handles Service Requests

  8. Incident Management • To restore normal service operation as quickly as possible and minimize the adverse impact on business operations

  9. Problem Management • To minimize the adverse impact of incidents and problems on the business that are caused by errors in the IT Infrastructure and to prevent recurrence of incidents related to these errors

  10. Change Management • To ensure that standardized methods and procedures are used for efficient and prompt handling of all changes to minimize the impact of change-related incidents and improve day-to-day operations

  11. Release Management • Release Management takes a holistic view of a change to an IT service and should ensure that all aspects of a Release, both technical and non-technical, are considered together

  12. Configuration Management • To identify, record and report on all IT components that are under the control and scope of Configuration Management

  13. ITIL Service Support

  14. ITIL Service Delivery Model [Diagram: Business, Customers and Users exchange communications, updates, reports, queries and enquiries with Service Level Management, Availability Management, Capacity Management, Financial Management for IT Services and IT Service Continuity Management. Each process produces its own plans, reports and audit reports; Management Tools supply alerts, exceptions and changes.]

  15. Service Level Management • To maintain and improve IT service quality through a constant cycle of agreeing, monitoring and reporting to meet the customers’ business objectives

  16. Availability Management • To optimize the capability of the IT infrastructure, services and supporting organization to deliver a cost effective and sustained level of availability enabling the business to meet their objectives

  17. Capacity Management • To ensure that all the current and future capacity and performance aspects of the business requirements are provided cost effectively

  18. Financial Management • To provide cost-effective stewardship of the IT assets and resources used in providing IT services

  19. IT Service Continuity Management • To ensure that the required IT technical and services facilities can be recovered within required and agreed timescales • IT Service Continuity Planning is a systematic approach to create a plan and/or procedures to prevent, cope with and recover from the loss of critical services for extended periods

  20. Service Delivery

  21. What Is ITIL All About? • Aligning IT services with business requirements • A set of best practices, not a methodology • Providing guidance, not a step-by-step, how-to manual; the implementation of ITIL processes will vary from organization to organization • Providing optimal service provision at a justifiable cost • A non-proprietary, vendor-neutral, technology-agnostic set of best practices.

  22. How to Make ITIL a Reality? Key Success Factors
     Theory – ITIL/CobIT
     • Guidelines for Best Practices
     • Provides the theory but not the process
     • Education is an important component
     Process
     • Convert theory to process that is applicable to the unique needs of the organization
     • Training & Education
     • Tool configuration
     Technology
     • Provide the technology that enables and automates the process
     • Repeatability, compliance and notifications
     • Implement processes impossible without technology
